{"report_id":"06849fff-a7f4-4784-92b6-816395ba825e","version":6,"status":"done","tags":[],"date":"2026-05-07T10:36:57Z","url":{"schema":"http","addr":"upstar.agency","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"2.57.91.91","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"upstar.agency/","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"title":"Parked Domain name on Hostinger DNS system","dom":{"size":32397,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (32397), with no line terminators","md5":"174f03e4773c515f4c83d31b164d9df6","sha1":"eaf85e3a821322f843e1375a771f9ac3816e7aa0","sha256":"47a5637053e53a4d25ad33be042f91fe88c32c2ce5404f7cc11e7ff115c2d705","sha512":"a0c5c1e462beb8d35d05d8db33b169304e96e6c18a960f2c80aa3a84cbe70692547d0bcf87e33a8a50729383a4391b4e47e0b0b2d98eeab7deb8f1d59aa99307","ssdeep":"768:jyF7Qsu+tgns8/Q7la4Xoo9MJ0u051FS5jIY:jk7Qsu+GnLlyMJ031w8Y","tlshash":"8ee20bf692c031f5a04bd3f5fc677b69722e70beb7148998c6e40984e1c59a88dacdc4","dom_hash":"domhash49a71bd428836093f3c16f3895ab6ef0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"upstar.agency","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"2.57.91.91","port":0,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-11T10:36:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"upstar.agency","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2026-05-03T22:40:46.979571Z","alert_count":0,"request_count":1,"received_data":846,"sent_data":889,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-03T22:20:33.622142Z","alert_count":0,"request_count":1,"received_data":2415,"sent_data":503,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.google.no","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-05-03T22:40:46.955695Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":651,"comment":"","tags":null,"fingerprints":null},{"fqdn":"upstar.agency","ip":{"addr":"2.57.91.91","port":80,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-07T10:36:58.895647Z","last_seen":"2026-05-07T10:36:58.895647Z","alert_count":4,"request_count":4,"received_data":152231,"sent_data":1586,"comment":"","tags":null,"fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-03T22:17:40.953609Z","alert_count":0,"request_count":2,"received_data":139906,"sent_data":1080,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"192.178.25.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-03T22:25:11.554838Z","alert_count":0,"request_count":2,"received_data":864122,"sent_data":884,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-26575989-44","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"192.178.25.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e918c344b239d442b253061bab845f2","sha1":"e4e85bcfc6d1cb03f0aa6be795946205ba1fb974","sha256":"43838c712891f86c28ff229c0f8834dea3d44e25421ac9e2637d2f1986e0804f","sha512":"58a9c5a74fd2fee1c8461b15d6410f6e0508da03705da3d375a112d99c32350c0d8dbf41e771dbeb765a22dc78b9ee4208a077c211b8465bedc0e79125246854","ssdeep":"6144:kn61w2JpgY4auITvct+BwZ70nY84Ofprj9:E2JF40R4C9","tlshash":"087409cdb3d674629393a478503f018ba27a7892f84cc899f186dcd42e7469a4237f7d","size":359103,"data":"","first_seen":"2026-05-07T08:56:38.59907Z","last_seen":"2026-05-07T13:27:05.805473Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"upstar.agency/sandbox%20eval%20code","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-07T12:56:13.639951Z","times_seen":850861,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-07T12:56:13.656265Z","times_seen":849209,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-S4HMJ5EXYY\u0026cx=c\u0026gtm=4e6551","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"192.178.25.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3e3507e8e18ffdecca153897b920b68","sha1":"13cdd323adba8aa88ad15af594b82c92d1634132","sha256":"bdfad233a145f6e84dab7d3d9a26a8986a1318684ad1a5dfc961f7a3e0819c1e","sha512":"fba8b38d7116ce933e33a11296bb68a6e0fc66161a0f9ee59a9d34b1f7ecbb06912ebc8690cf8b6effe787911b654d5c61bba1b60d97ec37a664a679ebf972c6","ssdeep":"6144:Ocrn61niIJpgh4VLnt9uF4vct+BwZ7hNzBHuLF2jo:NuiIJa4VnGL1o","tlshash":"bdb4f9ceb3d674525396f478903f01cba97b39a2b49cc89ab189cce02e3455a5137f78","size":503785,"data":"","first_seen":"2026-05-07T08:56:38.595331Z","last_seen":"2026-05-07T13:27:05.80729Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"upstar.agency/","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"2.57.91.91","port":80,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4945b5ff2cf7db5523a0c3db817e5a69","sha1":"10fdbdcb1c153429ba36982f7828d2bb47a54924","sha256":"cf2eae9c78d7609467d24231d8460dac1cf0749b8ff016de5073495c759496a6","sha512":"53de19dd5c86cab1a70d37bd8b93015e022627cfe27ee67d7b7dab90a0769d646e151c120af8b43cfe3d321840d79ea222657ef621d15475bb1737dfe439b1d9","ssdeep":"","tlshash":"e1c02bd83d0b4c6111fb33d00b1fbf087205331035c104710405f008123ce1f904cc40","size":139,"data":"","first_seen":"2024-01-23T07:30:21Z","last_seen":"2026-05-07T12:09:58.49024Z","times_seen":5245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"upstar.agency/","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"2.57.91.91","port":80,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"675249d94e0a3644d6880b8c779a631f","sha1":"0965f6e8c27b33b96b5d60eadd7023ee339429c8","sha256":"9bf5d3e17b35ce569ff6a5a7570a9cb0f66344b27cb93d5d5cef3cc439595d8c","sha512":"d83473d905eb8883e55fb5eb24200bac277a3a6ae6e7dd5fc030b61ff9a418dd837b833a8a2cf9b129d9024b9de8c8a20b552ede0888bde82b5c01c5bb8eec7f","ssdeep":"96:DzyL1Yv7dowiRJGP3WBIagi5CImcm/lFyjBnyS0egZ+/LVFH/wI5:DzH7dowiTGPQIagWCZ9/lClyYgWvfw6","tlshash":"65b1e7122242296f65dbd5173ccb794d67ade16da58c1004ce0c4a6420a1f35dfbefec","size":5327,"data":"","first_seen":"2026-03-05T09:28:11.692166Z","last_seen":"2026-05-07T12:09:58.490981Z","times_seen":2366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"upstar.agency/","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"2.57.91.91","port":80,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-07T10:36:34.943Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: upstar.agency\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 07 May 2026 10:36:34 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nVary: Accept-Encoding\r\nCache-Control: no-store\r\nContent-Encoding: gzip\r\nServer: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 118dac46e5f6e67dd743f91342214aea-fra-edge1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":32012,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (32012), with no line terminators","md5":"500266c91b0ec8e57c12216f8bedaf37","sha1":"b144c339d0f503b23b6cf0d838c8f11d961f0e3a","sha256":"c87190a157719caf07b908d6650884d0e429a7f896afa4a3e35ed00382779af2","sha512":"f7941de3885114120b5d8333daf347a340e73f04c53c788449f27ecdd84a958de8d9457f36f12fea4b38ae029c4789542f112acd4e3c40ed9e2e009a3e16bda5","ssdeep":"768:4yF7Qsuypgn/f7RmHL4yDCwSrLSMLFjSxu/ern352T18SI5jID:4k7QsuySnn23MsxE1u8D","tlshash":"26e21bf692c031e5a047e3f5fc676b99722e70bfb7058998c6e40984e1c697c89acdc4","first_seen":"2026-03-06T18:42:44.60562Z","last_seen":"2026-05-07T12:09:58.482817Z","times_seen":2306,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":27,"dns":2,"connect":25,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"upstar.agency","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"upstar.agency/bold-moves.webp","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"2.57.91.91","port":80,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.119Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /bold-moves.webp HTTP/1.1\r\nHost: upstar.agency\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://upstar.agency/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 07 May 2026 10:36:35 GMT\r\nContent-Type: image/webp\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nCache-Control: no-store\r\nServer: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 3a3b600fd79968172bce478fc7886176-fra-edge2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":87332,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e026a675d0fcd9cd20321c1b111f8fe7","sha1":"b91336d5241a7d3a20d88872d3058c6dc7da774f","sha256":"f0d60a0a71d9c16e9a1769fa1a956c207c5950ae1663488ccd7fd185c9f7c219","sha512":"a76d3794a88f1277ddeb062d168fe1c29935343fecb00d1086e660456a775b096b387c3f73c4922b3b1d2a87ed78bd1db3652ef06bff2ab99fad042d09ffa698","ssdeep":"1536:sGZK/PZlovqyH2wS3yeIUb2GQCvsd2SLxrijHNlozhi9bi/BaOoMrSn0eEdKr8lT:sGExloiFwS3oci8OvrYQoMrU0J5l8O","tlshash":"108312065fd26fb4e06c3cb6212fd5ea1ca021c69384746563c153a722b7bf6c63ead4","first_seen":"2025-10-23T16:23:34.57286Z","last_seen":"2026-05-07T12:09:58.489538Z","times_seen":5949,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":252,"dns":1,"connect":20,"send":0,"wait":23,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"upstar.agency","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Hp2ywxg089UriCZOIHTWCBl0-8Q.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Hp2ywxg089UriCZOIHTWCBl0-8Q.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://upstar.agency\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 62460\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:50:47 GMT\r\nexpires: Wed, 05 May 2027 18:50:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:30:17 GMT\r\ncontent-type: font/woff2\r\nage: 143148\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":62460,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 62460, version 1.0","md5":"4c04ee82dc1deb4f32b244195d258e9b","sha1":"9bd2bc9c6f54075acd20589f87c17a73e3ab07b3","sha256":"ab72fd10c9ac5633c1f9ae4267864b674596062e023458e02973080bd1098904","sha512":"43bd417c75382fbcad7a44c73db7ec8e883bb505b63215ec67488eb205b61acd94031d5740bdf70cf413fcb126ac6a567b4c71831eeb063e5643fa0adc704895","ssdeep":"1536:Hjv9lkTtdw0aS3yPvWdfDSFdW6KK8zPJ86DQMBXQX:Hz9ceS3y2FDSFdRKNzPJj5gX","tlshash":"8753028264d3489c8c8b69d354847f1c707ef88fc1b88995a8e33ca14d4b1e6e85ad7f","first_seen":"2025-09-11T19:26:36.805532Z","last_seen":"2026-05-07T12:27:47.548262Z","times_seen":11186,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":142,"dns":43,"connect":21,"send":0,"wait":61,"receive":19,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/dmsans/v17/rP2Fp2ywxg089UriCZa4Hz-DJFge8QH9.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/dmsans/v17/rP2Fp2ywxg089UriCZa4Hz-DJFge8QH9.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://upstar.agency\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 75776\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:28:34 GMT\r\nexpires: Wed, 05 May 2027 18:28:34 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:29:39 GMT\r\ncontent-type: font/woff2\r\nage: 144481\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75776,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 75776, version 1.0","md5":"8589d8ea5d3ba8d505ac4b78d4ef85c8","sha1":"f46228f34974dc4ad5abe55b12963f043c8613f9","sha256":"35f82cf9a300a94f9b3a27dffbf31467bb62961601774767f7cb44709cb3dfcf","sha512":"1281a6527c740dafca755b48fcec649b9c5d370bb1764e21f40370aff202d105721cef937396681e7213ed2d7b280672d8d3b7a87d711043319d972946f0cf06","ssdeep":"1536:KpsPQaeMjbaZfb0WBLyoEPUsfEx7M0xl0muydN3TwlbbD1wY/fvenGceP:KqDPjYkpcmM9xc8eAneP","tlshash":"a6730293154ce4c90b5a70ff6623ec1a23b3dc2881587b1bbc6a91f72c1e7171569b26","first_seen":"2025-09-14T19:53:37.023737Z","last_seen":"2026-05-07T12:09:58.484584Z","times_seen":2705,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":135,"dns":41,"connect":21,"send":0,"wait":26,"receive":40,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-S4HMJ5EXYY\u0026cx=c\u0026gtm=4e6551","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"192.178.25.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:17:21 GMT","end":"Wed, 01 Jul 2026 05:17:20 GMT"},"fingerprint":{"sha1":"44:62:36:EA:04:7F:DE:AF:4E:CA:E9:8F:72:03:CB:45:DF:75:F7:F7","sha256":"B4:8C:53:A3:0D:7C:33:E8:76:50:59:1C:1B:D2:32:8D:60:4E:01:31:A3:F4:72:1A:B4:D1:AB:C2:8A:9A:8C:74"}}},"request":{"raw":"GET /gtag/js?id=G-S4HMJ5EXYY\u0026cx=c\u0026gtm=4e6551 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://upstar.agency/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 07 May 2026 10:36:35 GMT\r\nexpires: Thu, 07 May 2026 10:36:35 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 164073\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":503785,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6997)","md5":"a3e3507e8e18ffdecca153897b920b68","sha1":"13cdd323adba8aa88ad15af594b82c92d1634132","sha256":"bdfad233a145f6e84dab7d3d9a26a8986a1318684ad1a5dfc961f7a3e0819c1e","sha512":"fba8b38d7116ce933e33a11296bb68a6e0fc66161a0f9ee59a9d34b1f7ecbb06912ebc8690cf8b6effe787911b654d5c61bba1b60d97ec37a664a679ebf972c6","ssdeep":"6144:Ocrn61niIJpgh4VLnt9uF4vct+BwZ7hNzBHuLF2jo:NuiIJa4VnGL1o","tlshash":"bdb4f9ceb3d674525396f478903f01cba97b39a2b49cc89ab189cce02e3455a5137f78","first_seen":"2026-05-07T08:56:38.595331Z","last_seen":"2026-05-07T13:27:05.80729Z","times_seen":46,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-S4HMJ5EXYY\u0026gtm=45je6551v9135860898za20g\u0026_p=1778150195418\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026_eu=AAAIAGAC\u0026cid=630847909.1778150196\u0026frm=0\u0026pscdl=noapi\u0026rcb=10\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115938465~115938469~118463261~118719170\u0026sid=1778150195\u0026sct=1\u0026seg=0\u0026dl=http%3A%2F%2Fupstar.agency%2F\u0026dt=Parked%20Domain%20name%20on%20Hostinger%20DNS%20system\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=908","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:17:21 GMT","end":"Wed, 01 Jul 2026 05:17:20 GMT"},"fingerprint":{"sha1":"44:62:36:EA:04:7F:DE:AF:4E:CA:E9:8F:72:03:CB:45:DF:75:F7:F7","sha256":"B4:8C:53:A3:0D:7C:33:E8:76:50:59:1C:1B:D2:32:8D:60:4E:01:31:A3:F4:72:1A:B4:D1:AB:C2:8A:9A:8C:74"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-S4HMJ5EXYY\u0026gtm=45je6551v9135860898za20g\u0026_p=1778150195418\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026_eu=AAAIAGAC\u0026cid=630847909.1778150196\u0026frm=0\u0026pscdl=noapi\u0026rcb=10\u0026sr=1280x1024\u0026ul=en-us\u0026gaf=2\u0026_s=1\u0026tag_exp=0~115938465~115938469~118463261~118719170\u0026sid=1778150195\u0026sct=1\u0026seg=0\u0026dl=http%3A%2F%2Fupstar.agency%2F\u0026dt=Parked%20Domain%20name%20on%20Hostinger%20DNS%20system\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=908 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://upstar.agency/\r\nOrigin: http://upstar.agency\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: http://upstar.agency\r\ndate: Thu, 07 May 2026 10:36:35 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:196:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:196:0\r\nreport-to: {\"group\":\"ascnsrsggc:196:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:196:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-07T12:57:30.767962Z","times_seen":14787195,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":58,"dns":0,"connect":22,"send":0,"wait":32,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"upstar.agency/","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-07T10:36:34.820Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: upstar.agency\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-07T12:57:30.767962Z","times_seen":14787195,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":0,"dns":57,"connect":20,"send":0,"wait":0,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"upstar.agency","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"E9:E5:B7:DA:0A:AE:59:02:EA:10:61:71:9B:52:3A:08:42:A0:67:A5","sha256":"F6:1D:CE:31:AA:9C:7B:58:1D:1D:14:96:99:B6:58:CC:FB:AE:D5:3C:F8:FB:40:E3:45:2D:4A:54:11:B4:E2:F3"}}},"request":{"raw":"GET /css2?family=DM+Sans:ital,opsz,wght@0,9..40,100..1000;1,9..40,100..1000\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://upstar.agency/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 07 May 2026 10:36:35 GMT\r\ndate: Thu, 07 May 2026 10:36:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1729,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"5ffc15542a2c42f67876d646f086f9eb","sha1":"a075c5d2469c886c1e4c2aeb9be62dcb436c26d6","sha256":"fb05ad76b6b4f1c851a30b94a677bae20d3d99203e83ebdfc3772aa6accc55f2","sha512":"a19fb78fa78c8a5c6fba1a37f25e4860f7011ca00f209d840890ee156fabef593c7de21a57116c0777eec28568fe4a3337afdef886414fa08831d7885b88259c","ssdeep":"","tlshash":"9231df81087b6114e7571dc122ce7e32ef1fa1906454a874bbfe2894fc56c6e5371b4d","first_seen":"2025-09-12T01:48:17.883282Z","last_seen":"2026-05-07T12:09:58.488113Z","times_seen":8335,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":225,"dns":28,"connect":21,"send":0,"wait":33,"receive":0,"ssl":179},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-26575989-44","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"192.178.25.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:17:21 GMT","end":"Wed, 01 Jul 2026 05:17:20 GMT"},"fingerprint":{"sha1":"44:62:36:EA:04:7F:DE:AF:4E:CA:E9:8F:72:03:CB:45:DF:75:F7:F7","sha256":"B4:8C:53:A3:0D:7C:33:E8:76:50:59:1C:1B:D2:32:8D:60:4E:01:31:A3:F4:72:1A:B4:D1:AB:C2:8A:9A:8C:74"}}},"request":{"raw":"GET /gtag/js?id=UA-26575989-44 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://upstar.agency/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 07 May 2026 10:36:35 GMT\r\nexpires: Thu, 07 May 2026 10:36:35 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 07 May 2026 09:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 124451\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":359103,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"3e918c344b239d442b253061bab845f2","sha1":"e4e85bcfc6d1cb03f0aa6be795946205ba1fb974","sha256":"43838c712891f86c28ff229c0f8834dea3d44e25421ac9e2637d2f1986e0804f","sha512":"58a9c5a74fd2fee1c8461b15d6410f6e0508da03705da3d375a112d99c32350c0d8dbf41e771dbeb765a22dc78b9ee4208a077c211b8465bedc0e79125246854","ssdeep":"6144:kn61w2JpgY4auITvct+BwZ70nY84Ofprj9:E2JF40R4C9","tlshash":"087409cdb3d674629393a478503f018ba27a7892f84cc899f186dcd42e7469a4237f7d","first_seen":"2026-05-07T08:56:38.59907Z","last_seen":"2026-05-07T13:27:05.805473Z","times_seen":46,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":88,"dns":0,"connect":8,"send":0,"wait":21,"receive":25,"ssl":85},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"upstar.agency/favicon.ico","fqdn":"upstar.agency","domain":"upstar.agency","tld":"agency"},"ip":{"addr":"2.57.91.91","port":80,"asn":47583,"as":"Hostinger International Limited","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.678Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: upstar.agency\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://upstar.agency/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 07 May 2026 10:36:35 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nVary: Accept-Encoding\r\nCache-Control: no-store\r\nContent-Encoding: gzip\r\nServer: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 702ba2bfdb83528adf017c307e1fe97d-fra-edge4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":32012,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (32012), with no line terminators","md5":"500266c91b0ec8e57c12216f8bedaf37","sha1":"b144c339d0f503b23b6cf0d838c8f11d961f0e3a","sha256":"c87190a157719caf07b908d6650884d0e429a7f896afa4a3e35ed00382779af2","sha512":"f7941de3885114120b5d8333daf347a340e73f04c53c788449f27ecdd84a958de8d9457f36f12fea4b38ae029c4789542f112acd4e3c40ed9e2e009a3e16bda5","ssdeep":"768:4yF7Qsuypgn/f7RmHL4yDCwSrLSMLFjSxu/ern352T18SI5jID:4k7QsuySnn23MsxE1u8D","tlshash":"26e21bf692c031e5a047e3f5fc676b99722e70bfb7058998c6e40984e1c697c89acdc4","first_seen":"2026-03-06T18:42:44.60562Z","last_seen":"2026-05-07T12:09:58.482817Z","times_seen":2306,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":1,"connect":20,"send":0,"wait":22,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-07","alert":"Sinkholed","trigger":"upstar.agency","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-S4HMJ5EXYY\u0026cid=630847909.1778150196\u0026gtm=45je6551v9135860898za20g\u0026rcb=10\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115938465~115938469~118463261~118719170\u0026z=2036758135","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://upstar.agency/","date":"2026-05-07T10:36:35.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:21:49 GMT","end":"Wed, 01 Jul 2026 05:21:48 GMT"},"fingerprint":{"sha1":"EE:5C:25:5C:9F:D0:1B:8A:21:66:25:B8:58:89:08:9E:98:CC:97:83","sha256":"64:9A:82:4F:84:13:52:72:7E:EA:07:7A:EA:D1:44:FE:5E:CB:39:F0:16:99:34:83:19:DC:84:AC:A7:DB:5A:4F"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-S4HMJ5EXYY\u0026cid=630847909.1778150196\u0026gtm=45je6551v9135860898za20g\u0026rcb=10\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=0~115938465~115938469~118463261~118719170\u0026z=2036758135 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://upstar.agency/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Thu, 07 May 2026 10:36:35 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-07T12:57:32.99433Z","times_seen":859773,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":65,"dns":1,"connect":7,"send":0,"wait":21,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}